def renew_certs():
click.confirm(
'Running this will stop the nginx service temporarily causing your sites to go offline\n'
'Do you want to continue?',
abort=True)
service('nginx', 'stop')
exec_cmd("{path} renew".format(path=get_certbot_path()))
service('nginx', 'start')
def _delete_symlinks(zinuit_path):
zinuit_dir = os.path.abspath(zinuit_path)
etc_systemd_system = os.path.join('/', 'etc', 'systemd', 'system')
config_path = os.path.join(zinuit_dir, 'config', 'systemd')
unit_files = get_unit_files(zinuit_dir)
for unit_file in unit_files:
exec_cmd('sudo rm {etc_systemd_system}/{unit_file_init}'.format(
config_path=config_path,
etc_systemd_system=etc_systemd_system,
unit_file_init="".join(unit_file)))
exec_cmd('sudo systemctl daemon-reload')
def setup_wildcard_ssl(domain, email, zinuit_path, exclude_base_domain):
def _get_domains(domain):
domain_list = [domain]
if not domain.startswith('*.'):
# add wildcard caracter to domain if missing
domain_list.append('*.{0}'.format(domain))
else:
# include base domain based on flag
domain_list.append(domain.replace('*.', ''))
if exclude_base_domain:
domain_list.remove(domain.replace('*.', ''))
return domain_list
if not get_config(zinuit_path).get("dns_multitenant"):
print("You cannot setup SSL without DNS Multitenancy")
return
get_certbot()
domain_list = _get_domains(domain.strip())
email_param = ''
if email:
email_param = '--email {0}'.format(email)
try:
exec_cmd(
"{path} certonly --manual --preferred-challenges=dns {email_param} \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos -d {domain}".format(path=get_certbot_path(),
domain=' -d '.join(domain_list),
email_param=email_param))
except CommandFailedError:
print("There was a problem trying to setup SSL")
return
ssl_path = "/etc/letsencrypt/live/{domain}/".format(domain=domain)
ssl_config = {
"wildcard": {
"domain": domain,
"ssl_certificate": os.path.join(ssl_path, "fullchain.pem"),
"ssl_certificate_key": os.path.join(ssl_path, "privkey.pem")
}
}
update_common_site_config(ssl_config)
setup_crontab()
make_nginx_conf(zinuit_path)
print("Restrting Nginx service")
service('nginx', 'restart')
def reload_supervisor():
supervisorctl = find_executable('supervisorctl')
try:
# first try reread/update
exec_cmd('sudo {0} reread'.format(supervisorctl))
exec_cmd('sudo {0} update'.format(supervisorctl))
return
except CommandFailedError:
pass
try:
# something is wrong, so try reloading
exec_cmd('sudo {0} reload'.format(supervisorctl))
return
except CommandFailedError:
pass
try:
# then try restart for centos
service('supervisord', 'restart')
return
except CommandFailedError:
pass
try:
# else try restart for ubuntu / debian
service('supervisor', 'restart')
return
except CommandFailedError:
pass
def setup_production(user, yes=False):
"setup zinuit for production"
from zinuit.config.production_setup import setup_production
from zinuit.utils import run_playbook
# Install prereqs for production
from distutils.spawn import find_executable
if not find_executable('ansible'):
exec_cmd("sudo pip install ansible")
if not find_executable('fail2ban-client'):
exec_cmd("zinuit setup role fail2ban")
if not find_executable('nginx'):
exec_cmd("zinuit setup role nginx")
if not find_executable('supervisord'):
exec_cmd("zinuit setup role supervisor")
setup_production(user=user, yes=yes)
def run_certbot_and_setup_ssl(site,
custom_domain,
zinuit_path,
interactive=True):
service('nginx', 'stop')
get_certbot()
try:
interactive = '' if interactive else '-n'
exec_cmd(
"{path} {interactive} --config /etc/letsencrypt/configs/{site}.cfg certonly"
.format(path=get_certbot_path(),
interactive=interactive,
site=custom_domain or site))
except CommandFailedError:
service('nginx', 'start')
print("There was a problem trying to setup SSL for your site")
return
ssl_path = "/etc/letsencrypt/live/{site}/".format(
site=custom_domain or site)
ssl_config = {
"ssl_certificate": os.path.join(ssl_path, "fullchain.pem"),
"ssl_certificate_key": os.path.join(ssl_path, "privkey.pem")
}
if custom_domain:
remove_domain(site, custom_domain, zinuit_path)
domains = get_domains(site, zinuit_path)
ssl_config['domain'] = custom_domain
domains.append(ssl_config)
update_site_config(site, {"domains": domains}, zinuit_path=zinuit_path)
else:
update_site_config(site, ssl_config, zinuit_path=zinuit_path)
make_nginx_conf(zinuit_path)
service('nginx', 'start')
def setup_manager(yes=False, port=23624, domain=None):
"Setup zinuit-manager.local site with the zinmanager app installed on it"
from six.moves import input
create_new_site = True
if 'zinuit-manager.local' in os.listdir('sites'):
ans = input(
'Site already exists. Overwrite existing site? [Y/n]: ').lower()
while ans not in ('y', 'n', ''):
ans = input(
'Please enter "y" or "n". Site already exists. Overwrite existing site? [Y/n]: '
).lower()
if ans == 'n':
create_new_site = False
if create_new_site:
exec_cmd("zinuit new-site --force zinuit-manager.local")
if 'zinmanager' in os.listdir('apps'):
print('App already exists. Skipping app download.')
else:
exec_cmd("zinuit get-app zinmanager")
exec_cmd("zinuit --site zinuit-manager.local install-app zinmanager")
from zinuit.config.common_site_config import get_config
zinuit_path = '.'
conf = get_config(zinuit_path)
if conf.get('restart_supervisor_on_update') or conf.get(
'restart_systemd_on_update'):
# implicates a production setup or so I presume
if not domain:
print(
"Please specify the site name on which you want to host zinuit-manager using the 'domain' flag"
)
sys.exit(1)
from zinuit.utils import get_sites, get_zinuit_name
zinuit_name = get_zinuit_name(zinuit_path)
if domain not in get_sites(zinuit_path):
raise Exception("No such site")
from zinuit.config.nginx import make_zinmanager_nginx_conf
make_zinmanager_nginx_conf(zinuit_path,
yes=yes,
port=port,
domain=domain)
def service(service, option):
if os.path.basename(get_program(['systemctl'])
or '') == 'systemctl' and is_running_systemd():
exec_cmd("sudo {service_manager} {option} {service}".format(
service_manager='systemctl', option=option, service=service))
elif os.path.basename(get_program(['service']) or '') == 'service':
exec_cmd("sudo {service_manager} {service} {option} ".format(
service_manager='service', service=service, option=option))
else:
# look for 'service_manager' and 'service_manager_command' in environment
service_manager = os.environ.get("ZINUIT_SERVICE_MANAGER")
if service_manager:
service_manager_command = (
os.environ.get("ZINUIT_SERVICE_MANAGER_COMMAND")
or "{service_manager} {option} {service}").format(
service_manager=service_manager,
service=service,
option=option)
exec_cmd(service_manager_command)
else:
raise Exception('No service manager found')
def generate_systemd_config(zinuit_path,
user=None,
yes=False,
stop=False,
create_symlinks=False,
delete_symlinks=False):
if not user:
user = getpass.getuser()
config = get_config(zinuit_path=zinuit_path)
zinuit_dir = os.path.abspath(zinuit_path)
zinuit_name = get_zinuit_name(zinuit_path)
if stop:
exec_cmd(
'sudo systemctl stop -- $(systemctl show -p Requires {zinuit_name}.target | cut -d= -f2)'
.format(zinuit_name=zinuit_name))
return
if create_symlinks:
_create_symlinks(zinuit_path)
return
if delete_symlinks:
_delete_symlinks(zinuit_path)
return
number_of_workers = config.get('background_workers') or 1
background_workers = []
for i in range(number_of_workers):
background_workers.append(
get_zinuit_name(zinuit_path) + "-metel-default-worker@" +
str(i + 1) + ".service")
for i in range(number_of_workers):
background_workers.append(
get_zinuit_name(zinuit_path) + "-metel-short-worker@" +
str(i + 1) + ".service")
for i in range(number_of_workers):
background_workers.append(
get_zinuit_name(zinuit_path) + "-metel-long-worker@" + str(i + 1) +
".service")
zinuit_info = {
"zinuit_dir":
zinuit_dir,
"sites_dir":
os.path.join(zinuit_dir, 'sites'),
"user":
user,
"metel_version":
get_current_metel_version(zinuit_path),
"use_rq":
use_rq(zinuit_path),
"http_timeout":
config.get("http_timeout", 120),
"redis_server":
find_executable('redis-server'),
"node":
find_executable('node') or find_executable('nodejs'),
"redis_cache_config":
os.path.join(zinuit_dir, 'config', 'redis_cache.conf'),
"redis_socketio_config":
os.path.join(zinuit_dir, 'config', 'redis_socketio.conf'),
"redis_queue_config":
os.path.join(zinuit_dir, 'config', 'redis_queue.conf'),
"webserver_port":
config.get('webserver_port', 8000),
"gunicorn_workers":
config.get('gunicorn_workers',
get_gunicorn_workers()["gunicorn_workers"]),
"zinuit_name":
get_zinuit_name(zinuit_path),
"worker_target_wants":
" ".join(background_workers),
"zinuit_cmd":
find_executable('zinuit')
}
if not yes:
click.confirm(
'current systemd configuration will be overwritten. Do you want to continue?',
abort=True)
setup_systemd_directory(zinuit_path)
setup_main_config(zinuit_info, zinuit_path)
setup_workers_config(zinuit_info, zinuit_path)
setup_web_config(zinuit_info, zinuit_path)
setup_redis_config(zinuit_info, zinuit_path)
update_config({'restart_systemd_on_update': True}, zinuit_path=zinuit_path)
update_config({'restart_supervisor_on_update': False},
zinuit_path=zinuit_path)
def migrate_env(python, no_backup=False):
"""
Migrate Virtual Environment to desired Python Version.
"""
try:
# Clear Cache before Zinuit Dies.
config = get_config(zinuit_path=os.getcwd())
rredis = urlparse(config['redis_cache'])
redis = '{redis} -p {port}'.format(redis=which('redis-cli'),
port=rredis.port)
log.debug('Clearing Redis Cache...')
exec_cmd('{redis} FLUSHALL'.format(redis=redis))
log.debug('Clearing Redis DataBase...')
exec_cmd('{redis} FLUSHDB'.format(redis=redis))
except Exception:
log.warn('Please ensure Redis Connections are running or Daemonized.')
try:
# This is with the assumption that a zinuit is set-up within path.
path = os.getcwd()
# I know, bad name for a flag. Thanks, Ameya! :| - <Administrator>
if not no_backup:
# Back, the f*ck up.
parch = osp.join(path, 'archived_envs')
if not osp.exists(parch):
os.mkdir(parch)
# Simply moving. Thanks, Ameya.
# I'm keen to zip.
source = osp.join(path, 'env')
target = parch
log.debug('Backing up Virtual Environment')
stamp = datetime.now().strftime('%Y%m%d_%H%M%S')
dest = osp.join(path, str(stamp))
# WARNING: This is an archive, you might have to use virtualenv --relocate
# That's because virtualenv creates symlinks with shebangs pointing to executables.
# shebangs, shebangs - ricky martin.
# ...and shutil.copytree is a f*cking mess.
os.rename(source, dest)
shutil.move(dest, target)
log.debug('Setting up a New Virtual {python} Environment'.format(
python=python))
# Path to Python Executable (Basically $PYTHONPTH)
python = which(python)
virtualenv = which('virtualenv')
nvenv = 'env'
pvenv = osp.join(path, nvenv)
exec_cmd('{virtualenv} --python {python} {pvenv}'.format(
virtualenv=virtualenv, python=python, pvenv=pvenv),
cwd=path)
pip = osp.join(pvenv, 'bin', 'pip')
exec_cmd('{pip} install --upgrade pip'.format(pip=pip))
exec_cmd('{pip} install --upgrade setuptools'.format(pip=pip))
# TODO: Options
papps = osp.join(path, 'apps')
apps = ['metel', 'redapple'] + [
app
for app in os.listdir(papps) if app not in ['metel', 'redapple']
]
for app in apps:
papp = osp.join(papps, app)
if osp.isdir(papp) and osp.exists(osp.join(papp, 'setup.py')):
exec_cmd('{pip} install -e {app}'.format(pip=pip, app=papp))
log.debug('Migration Successful to {python}'.format(python=python))
except:
log.debug('Migration Error')
raise
